My ISA Logs show a chain proxy loop, and I get a 12206 error when trying to access my OWA through ISA 2004, which publishes my Exchange 2003 Server. I have checked the Binding order
on my NIC's. I'm not running any third party proxy software on my server. It is a SBS 2003 Premium Server. Please can you assist

I have installed the certificate as per Godaddy instructions for IIS 6.0, Is there anything else I should do?

To Install the Intermediate Certificate Bundle
1.Click the Start menu and click Run.... Type mmc in the Run window and click OK to start the Microsoft Management Console (MMC).
2.In the Management Console, select File then Add/Remove Snap In.
3.In the Add or Remove Snap-ins dialog, click the Add button and then select Certificates.
4.Choose Computer Account then click Next.
5.Choose Local Computer, then click Finish.
6.Close the Add or Remove Snap-ins dialog and click OK to return to the main MMC window.
7.If necessary, click the + icon to expand the Certificates folder so that the Intermediate Certification Authorities folder is visible.
8.Right-click on Intermediate Certification Authorities and choose All Tasks, then click Import.
9.Follow the wizard prompts to complete the installation procedure.
10.Click Browse to locate the certificate file. Change the file extension filter in the bottom right corner to be able to select the file. Click Open after selecting the appropriate file.
11.Click Next in the Certificate Import Wizard.
12.Choose Place all certificates in the following store; then use the Browse function to locate Intermediate Certification Authorities. Click Next. Click Finish.
NOTE: If the Go Daddy Class 2 Certification Authority root certificate is currently installed on your machine you will need to disable it from the Trusted Root Certification Authorities folder.

13.Expand the Trusted Root Certification Authorities folder
14.Double-click the Certificates folder to show a list of all certificates.
15.Find the Go Daddy Class 2 Certification Authority certificate.
16.Right-click on the certificate and select Properties.
17.Select the radio button next to Disable all purposes for this certificate.
18.Click OK.
19.Repeat steps 13 to 18, using Starfield Class 2 Certificate Authority as the certificate name to disable.

does Godaddy have any support where you can call and get a real human? Maybe Dannica Patrick? (g). But anyway they would be the best ones to help troubleshoot that,..it's their job,...they do it everyday.

I have cleared the Alert from ISA 2004. BPA is clear now of this error.
Getting back to the 12206 Error I get. When trying to access my OWA, I get the 12206 Error, but if I keep refreshing the browser it lets me in.

Well there is more going on here than what you described,...but I'm not sure what to even ask for. Are they any 3rd party Add-ins for ISA installed? Are they any other web filtering products involved (even if on a different machine)? There has to be more to this than what you have mentioned.

One example of this would be where the ISA process traffic and then forwards to a 3rd party filtering product,...which may then pass it to the ISA after it process it,...causing it to go around in circles (a chain loop). It doesn't reallty matter if the 3rd party product is on the same box with the ISA or a different box,...doesn't matter.

We aren't running any other Third Party Software for Webfiltering. The ISA box is connected directly to my ISP's router. The only other thing that is on the network is an IPCOP Linux Appliance. We use this as a proxy server for internal LAN. As it has better Usage Reports for individual users as apposed to ISA. The Linux Box is connected directly to the ISP's Router. Our ISA server does not have any involvement with this IPCOP Appliance. Do you think it could be causing the Loop?

The only other thing that is on the network is an IPCOP Linux Appliance. We use this as a proxy server for internal LAN.

Well,...then,...there you go,...a 3rd party proxying tool,...and the perfect way to create a chain loop. BTW - ISA also reports the User Accounts,..and the Client Hosts Names,...when configured properly.

Get rid of one or the other. If you get rid of ISA then you have to re-configure the SBS to be a single-Nic Server. You will have to re-run the Internet Connection Wizard "thing" on SBS afterwards. Your Appache Proxy will be the LAN's Proxy Server and the Linux Box with the IPTables (or whatever it is using) will become the LAN Firewall. The Linux box will then be dual-homed and sit on the Network edge.

If you get rid of the Linux box then the SBS will just remain as it is

Well I know you can't just turn stuff off and disable stuff. This whole thing (think "big picture") is how your LAN is designed and how it relates to the outside world. To change things,...you have to redesign things. So yes,...your IT guy need to deal with that.

In a normal ISA-OWA situation where the LAN has a straight-forward Microsoft ISA design without 3rd-party influence,... you would create a stadard Split-DNS setup with your AD/DNS so that the public Domain Name in the Cert is properly resolved depending and where the user is comming from. LAN Users must resolve it to the direct LAN IP of the Exchange/OWA, while the Public External User would resolve to the Public IP# the Name is Publilcly registered to. Then you install the Cert on the OWA box first,...then export the cert as a PFX File with Public Key and copy it to the ISa and then install it on the ISA's Certificate Store. Then run the Publishing Wizard on ISA to publish OWA.

Then when LAN user go to OWA they go directly to OWA without ISA,...but External Users would get to OWA via the Publilc Side of the ISA.

Unfortuneatly, you have SBS which just stands everything on its head and spins it in circles because everything is on one box. That it why you have to ask people who specialize in SBS on how to deal with it. Me personally,..I won't go near SBS.

Have you ever had a hard drive that you can't boot into, but need to change the registry? Here is the solution!
This article guides you through accessing and editing a registry of a non-primary drive.
To read registry information on a non-prim…

With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…